v6 first pass

chris hellberg 2021-12-27 15:15:01 -05:00
parent 70c6e9834d
commit 8e206aead2
6 changed files with 31 additions and 12 deletions


@ -1374,7 +1374,7 @@ handshake_version(int dns_fd, int *seed)
} }
static int static int
handshake_login(int dns_fd, int seed) handshake_login(int dns_fd, int seed, int forward_v6)
{ {
char in[4096]; char in[4096];
char login[16]; char login[16];
@ -1405,7 +1405,7 @@ handshake_login(int dns_fd, int seed)
server[64] = 0; server[64] = 0;
client[64] = 0; client[64] = 0;
if (tun_setip(client, server, netmask) == 0 && if (tun_setip(client, server, netmask, forward_v6) == 0 &&
tun_setmtu(mtu) == 0) { tun_setmtu(mtu) == 0) {
fprintf(stderr, "Server tunnel IP is %s\n", server); fprintf(stderr, "Server tunnel IP is %s\n", server);
@ -2326,7 +2326,7 @@ handshake_set_fragsize(int dns_fd, int fragsize)
} }
int int
client_handshake(int dns_fd, int raw_mode, int autodetect_frag_size, int fragsize) client_handshake(int dns_fd, int raw_mode, int autodetect_frag_size, int fragsize, int forward_v6)
{ {
int seed; int seed;
int upcodec; int upcodec;
@ -2349,7 +2349,7 @@ client_handshake(int dns_fd, int raw_mode, int autodetect_frag_size, int fragsiz
return r; return r;
} }
r = handshake_login(dns_fd, seed); r = handshake_login(dns_fd, seed, forward_v6);
if (r) { if (r) {
return r; return r;
} }
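Review bot: The `client` string in handshake_login is now handed to `tun_setip(client, server, netmask, forward_v6)`, where the new IPv6 branch formats it into a second `ifconfig` command line, and the only handling visible before the call is `client[64] = 0`. The buffer appears to be filled from the peer's login reply (the parsing is outside the hunk, so this is inferred), which makes it untrusted input to a command string. Reject it before the call unless `inet_pton(AF_INET, client, &addr) == 1`, or have tun_setip perform that check before it builds any command; the same applies to `server`. handshake_login's body continues outside the hunk, so an existing check may already cover this and should be confirmed.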


@ -35,7 +35,7 @@ void client_set_lazymode(int lazy_mode);
void client_set_hostname_maxlen(int i); void client_set_hostname_maxlen(int i);
int client_handshake(int dns_fd, int raw_mode, int autodetect_frag_size, int client_handshake(int dns_fd, int raw_mode, int autodetect_frag_size,
int fragsize); int fragsize, int forward_v6);
int client_tunnel(int tun_fd, int dns_fd); int client_tunnel(int tun_fd, int dns_fd);
#endif #endif


@ -72,7 +72,7 @@ static void help(FILE *stream, bool verbose)
{ {
fprintf(stream, fprintf(stream,
"iodine IP over DNS tunneling client\n\n" "iodine IP over DNS tunneling client\n\n"
"Usage: %s [-46fhrv] [-u user] [-t chrootdir] [-d device] [-P password]\n" "Usage: %s [-46fhrvS] [-u user] [-t chrootdir] [-d device] [-P password]\n"
" [-m maxfragsize] [-M maxlen] [-T type] [-O enc] [-L 0|1] [-I sec]\n" " [-m maxfragsize] [-M maxlen] [-T type] [-O enc] [-L 0|1] [-I sec]\n"
" [-z context] [-F pidfile] [nameserver] topdomain\n", __progname); " [-z context] [-F pidfile] [nameserver] topdomain\n", __progname);
@ -100,6 +100,7 @@ static void help(FILE *stream, bool verbose)
" -t dir to chroot to directory dir\n" " -t dir to chroot to directory dir\n"
" -d device to set tunnel device name\n" " -d device to set tunnel device name\n"
" -z context, to apply specified SELinux context after initialization\n" " -z context, to apply specified SELinux context after initialization\n"
" -S enable forwarding of IPv6 packets within the tunnel\n"
" -F pidfile to write pid to a file\n\n" " -F pidfile to write pid to a file\n\n"
"nameserver is the IP number/hostname of the relaying nameserver. If absent,\n" "nameserver is the IP number/hostname of the relaying nameserver. If absent,\n"
" /etc/resolv.conf is used\n" " /etc/resolv.conf is used\n"
@ -152,6 +153,7 @@ int main(int argc, char **argv)
struct sockaddr_storage nameservaddr; struct sockaddr_storage nameservaddr;
int nameservaddr_len; int nameservaddr_len;
int nameserv_family; int nameserv_family;
int forward_v6;
nameserv_host = NULL; nameserv_host = NULL;
topdomain = NULL; topdomain = NULL;
@ -176,6 +178,7 @@ int main(int argc, char **argv)
selecttimeout = 4; selecttimeout = 4;
hostname_maxlen = 0xFF; hostname_maxlen = 0xFF;
nameserv_family = AF_UNSPEC; nameserv_family = AF_UNSPEC;
forward_v6 = 0;
#ifdef WINDOWS32 #ifdef WINDOWS32
WSAStartup(req_version, &wsa_data); WSAStartup(req_version, &wsa_data);
@ -192,7 +195,7 @@ int main(int argc, char **argv)
__progname++; __progname++;
#endif #endif
while ((choice = getopt(argc, argv, "46vfhru:t:d:R:P:m:M:F:T:O:L:I:")) != -1) { while ((choice = getopt(argc, argv, "46vfhru:t:d:R:P:m:M:F:T:O:L:I:s")) != -1) {
switch(choice) { switch(choice) {
case '4': case '4':
nameserv_family = AF_INET; nameserv_family = AF_INET;
@ -268,6 +271,9 @@ int main(int argc, char **argv)
if (!lazymode) if (!lazymode)
selecttimeout = 1; selecttimeout = 1;
break; break;
case 'S':
forward_v6 = 1;
break;
case 'I': case 'I':
selecttimeout = atoi(optarg); selecttimeout = atoi(optarg);
if (selecttimeout < 1) if (selecttimeout < 1)
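Review bot: The getopt option string gains a lowercase `s` (`"...L:I:s"`) while the new case label and the usage text use uppercase `S`, so `-S` is rejected as an unknown option and `forward_v6` can never become 1; `-s` is accepted but has no matching case in the lines shown. The string should end in `S`: `getopt(argc, argv, "46vfhru:t:d:R:P:m:M:F:T:O:L:I:S")`. None of the hunks in this file shows the `client_handshake(...)` call being updated for the fifth parameter added to its prototype, so confirm that main passes `forward_v6` there. main's body continues outside the hunks.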


@ -2274,7 +2274,7 @@ write_dns(int fd, struct query *q, const char *data, int datalen, char downenc)
static void print_usage(FILE *stream) static void print_usage(FILE *stream)
{ {
fprintf(stream, fprintf(stream,
"Usage: %s [-46cDfsv] [-u user] [-t chrootdir] [-d device] [-m mtu]\n" "Usage: %s [-46cDfsvS] [-u user] [-t chrootdir] [-d device] [-m mtu]\n"
" [-z context] [-l ipv4 listen address] [-L ipv6 listen address]\n" " [-z context] [-l ipv4 listen address] [-L ipv6 listen address]\n"
" [-p port] [-n auto|external_ip] [-b dnsport] [-P password]\n" " [-p port] [-n auto|external_ip] [-b dnsport] [-P password]\n"
" [-F pidfile] [-i max idle time] tunnel_ip[/netmask] topdomain\n", " [-F pidfile] [-i max idle time] tunnel_ip[/netmask] topdomain\n",
@ -2390,6 +2390,7 @@ main(int argc, char **argv)
int dns4addr_len; int dns4addr_len;
struct sockaddr_storage dns6addr; struct sockaddr_storage dns6addr;
int dns6addr_len; int dns6addr_len;
int forward_v6;
#ifdef HAVE_SYSTEMD #ifdef HAVE_SYSTEMD
int nb_fds; int nb_fds;
#endif #endif
@ -2418,7 +2419,7 @@ main(int argc, char **argv)
debug = 0; debug = 0;
netmask = 27; netmask = 27;
pidfile = NULL; pidfile = NULL;
forward_v6 = 0;
retval = 0; retval = 0;
#ifdef WINDOWS32 #ifdef WINDOWS32
@ -2507,6 +2508,9 @@ main(int argc, char **argv)
/* XXX: find better way of cleaning up ps(1) */ /* XXX: find better way of cleaning up ps(1) */
memset(optarg, 0, strlen(optarg)); memset(optarg, 0, strlen(optarg));
break; break;
case 'S':
forward_v6 = 1;
break;
case 'z': case 'z':
context = optarg; context = optarg;
break; break;
@ -2674,7 +2678,7 @@ main(int argc, char **argv)
} }
if (!skipipconfig) { if (!skipipconfig) {
const char *other_ip = users_get_first_ip(); const char *other_ip = users_get_first_ip();
if (tun_setip(argv[0], other_ip, netmask) != 0 || tun_setmtu(mtu) != 0) { if (tun_setip(argv[0], other_ip, netmask, forward_v6) != 0 || tun_setmtu(mtu) != 0) {
retval = 1; retval = 1;
free((void*) other_ip); free((void*) other_ip);
goto cleanup; goto cleanup;
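Review bot: `case 'S'` is added to the option switch, but no hunk in this file touches the option string passed to getopt, so unless that string already contained `S` the new case is unreachable and `tun_setip(argv[0], other_ip, netmask, forward_v6)` always receives 0. Add `S` to that string in main, and describe the flag in the server's long help the way the client's help does, since only the one-line usage is updated here. A comment on the declaration would also help, for example `/* set by -S: also assign an IPv6 address to the tunnel device */`. main's body continues outside the hunks.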


@ -592,7 +592,7 @@ read_tun(int tun_fd, char *buf, size_t len)
#endif #endif
int int
tun_setip(const char *ip, const char *other_ip, int netbits) tun_setip(const char *ip, const char *other_ip, int netbits, int forward_v6)
{ {
char cmdline[512]; char cmdline[512];
int netmask; int netmask;
@ -687,6 +687,15 @@ tun_setip(const char *ip, const char *other_ip, int netbits)
if_name, ip, inet_ntoa(net)); if_name, ip, inet_ntoa(net));
return system(cmdline); return system(cmdline);
#endif #endif
if (forward_v6) {
snprintf(cmdline, sizeof(cmdline),
IFCONFIGPATH "ifconfig %s inet6 add ::%s/64",
if_name,
ip);
fprintf(stderr, "Setting IP of %s to %s\n", if_name, ip);
}
} }
int int
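Review bot: The new `if (forward_v6)` block in tun_setip formats the IPv6 `ifconfig` command into `cmdline` but never passes it to `system()`, so no IPv6 address is configured. It also sits after `return system(cmdline);` and `#endif`, so it is not reached on the branch shown, and any path that does reach it falls off the end of a non-void function without returning a value. The log line repeats the IPv4 message instead of naming the IPv6 address. The IPv6 step should run only after the IPv4 command has succeeded, check the `snprintf` result for truncation, and return the result of its own `system()` call; a sketch for the non-Windows path follows. The start of tun_setip and the other preprocessor branch are outside the hunk, so the placement has to be checked against them.

```c
	/* … unchanged: IPv4 ifconfig command already formatted into cmdline … */
	int rc = system(cmdline);
	if (rc != 0 || !forward_v6) {
		return rc;
	}
	int n = snprintf(cmdline, sizeof(cmdline),
			IFCONFIGPATH "ifconfig %s inet6 add ::%s/64",
			if_name, ip);
	if (n < 0 || (size_t)n >= sizeof(cmdline)) {
		fprintf(stderr, "IPv6 address command for %s is too long\n", if_name);
		return 1;
	}
	fprintf(stderr, "Setting IPv6 address of %s to ::%s/64\n", if_name, ip);
	return system(cmdline);
```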


@ -22,7 +22,7 @@ int open_tun(const char *);
void close_tun(int); void close_tun(int);
int write_tun(int, char *, size_t); int write_tun(int, char *, size_t);
ssize_t read_tun(int, char *, size_t); ssize_t read_tun(int, char *, size_t);
int tun_setip(const char *, const char *, int); int tun_setip(const char *, const char *, int, int);
int tun_setmtu(const unsigned); int tun_setmtu(const unsigned);
#endif /* _TUN_H_ */ #endif /* _TUN_H_ */